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(54) Software pay per use system. 

(57) A pay per use system for the prevention of the 
unauthorized use of computer software. An en- 
cryption program encodes original software to 
produce secured software. The encoding is ac- 
complished by using cryptographic techniques. 
In order to use the software, a user must call a 
telephone number to receive the cryptographic 
keys necessary to decrypt the secured software. 
Thus, users must pay for each use of the sec- 
ured software. The system allows software de- 
velopers to freely distribute the secured 
software. Copies of the secured software may 
be freely made, because payment is based on 
each use of the software not on each copy of 
the software. 
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Field of the Inventi n 

This invention relates generally to the protection 
of computer software from illegal copying. More par- 
ticularly, this invention relates to a pay per use pro- 
tection technique in which a user must make a tele- 
phone call in order to use protected software. 

Background of the Invention 

Software piracy, the illegal copying of commer- 
cial computer programs, is a major problem in the per- 
sonal computer industry. Software developers cur- 
rently have three common techniques to prevent ille- 
gal copying of their software. The first is the use of 
hardware "keys". These keys are devices that attach 
to a computer's printer port. Before starting, the soft- 
ware attempts to query the key. If there is no re- 
sponse, or an incorrect response, the software will 
not start. The second technique is the use of a key 
disk. This is like a hardware key, except the key is a 
floppy disk that must be in the computer's disk drive. 
A third technique is to sell copy-protected software. In 
this technique, the developer puts the program on a 
floppy disk in such a form that a direct copy of the disk 
will produce an incorrect copy of the software. 

All of the above mentioned techniques have prob- 
lems. They require developers to incorporate piracy 
protection into their programs. They are brittle, mean- 
ing that once a single copy with the protection circum- 
vented exists, the protection is useless. Also, they 
cause inconvenience to legitimate users of the soft- 
ware. An ideal protection scheme would make it im- 
possible for people to use commercial software ille- 
gally, without posing any inconvenience to the devel- 
oper or the user of the software. 

Summary of the Invention 

Generally, the present invention provides a tech- 
nique which is close to the ideal. It is based upon dis- 
tributing software in such a way that users must call 
a telephone number to get the software to work. If the 
telephone call is to a number which results in a per call 
service fee, such as a "900" number, then making the 
call guarantees that the users pay for the use of the 
software. 

More specifically, an encryption program con- 
verts any existing program into a new program called 
the secured software. The secured software is a pro- 
gram that contains the original software in encoded 
form. The encryption program, when constructing the 
secured software, both compresses and encodes the 
original program. The compression removes most of 
the redundancy, making code-breaking difficult, and 
reduces the size of the secured software. The result- 
ing program contains the original software in a com- 
pletely unreadable form. 



The developer may then distribute the secured 
software freely. To use the software, the user calls a 
telephone number, from which the user gets a num- 
ber that the secured software uses to decode the en- 

5 crypted computer program. This telephone number 
may be a number that results in a per call service fee, 
in which case the act of making the call guarantees 
that the user pays for the use of the software. 

Several variations are possible. For example, the 

10 secured software may control dialing the telephone 
number through a modem and running the code 
transaction automatically, A single call might incre- 
ment a counter in the software to allow multiple uses. 
Free telephone service, such as an M 800" number, 

15 could readily be provided through which potential 
users can download secured software. Additional 
services might be readily provided. 

To the software developer, the present invention 
provides an additional distribution source for which 

20 there is little cost -the encryption program in its sim- 
plest form does not have to be incorporated into the 
software. To the user, there is no difficulty with back- 
ups and no danger of losing a hardware or floppy disk 
key. All that is needed to run the software is a phone 

25 call. The user also has the option of trying out the 
software before spending a considerable amount to 
purchase it. 

Description of the Drawings 

30 

Fig. 1 is a block diagram of an implementation of 
the system of the present invention. 

Fig. 2 is a block diagram illustrating software reg- 
istration and generation of secured software. 
35 Fig. 3 is a block diagram of a first embodiment of 

a pay per use software validation technique. 

Fig. 4 is a block diagram of a second embodiment 
of a pay per use software validation technique adding 
random number generation by the validation system. 
40 Fig. 5 is a block diagram of a third embodiment of 

a pay per use software validation technique adding 
encryption of the generated random numbers. 

Detailed Description 

45 

This invention is described with reference to va- 
rious data encoding and decoding techniques. Thus, 
a brief explanation of basic cryptography follows. 
Cryptographic systems generally transform data 

so through the use of two basic elements, a crypto- 
graphic algorithm and keys. The cryptographic algo- 
rithm contains procedures for encoding and decoding 
the data. These encoding and decoding procedures 
are generally identical or may consist of the same 

55 steps performed in reverse order. The keys, which are 
selected by the users, consist of a sequence of num- 
bers or characters, which ar used by the crypto- 
graphic algorithm to code and decode the data. In the 
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following detailed description we discuss two types of 
cryptographic systems. 

The first type of system is the single key system. 
In this type of system a single key is used for both data 
encoding and decoding. Thus, in order to ensure pro- 5 
tection, this key must be kept secret. In this descrip- 
tion we refer to the Data Encryption Standard (DES) 
single key technique. This is a data encryption tech- 
nique which has been accepted as a standard by the 
National Bureau of Standards, and is well known to 10 
one skilled in the art of cryptography. 

Another type of system is a public key system. In 
this type of system, instead of using one key for both 
data encoding and decoding, two keys are used, one 
to encode the data and one to decode the data. Gen- 1 5 
erally one key is made public and one key is kept pri- 
vate. If the public key is used to encode the data, then 
the private key is used to decode the data, and vice 
versa. An important aspect of this type of system is 
that it is impossible to deduce the private key from the 20 
public key. Public key cryptography is also well known 
to one skilled in the art of cryptography. 

The data encryption and decryption techniques 
we discuss here are for illustrative purposes. Various 
other techniques could be substituted for those de- 25 
scribed herein without departing from the scope and 
spirit of the invention. 

Fig. 1 illustrates one possible implementation of 
a system according to the present invention. The soft- 
ware validation system 100 comprises a central proc- 30 
essing unit 102, a memory unit 110, and a modem 
104. The central processing unit 102 is connected to 
the modem 104 and the memory unit 110. The mem- 
ory 110 contains software registration program code 
111 to implement the functions required during the 35 
software registration process, software validation 
program code 112 to implement the functions re- 
quired during the software validation process, and a 
storage area 113 for the storage of software identifi- 
cation information and associated keys. The modem 40 
104 is used to transmit data to and receive data from 
the software developer system 120 and the software 
user system 140. 

The software developer system 120 comprises a 
central processing unit 124, a modem 122, and a 45 
memory unit 130. The central processing unit 124 is 
connected to the modem 122 and the memory unit 

130. The memory unit 130 contains original software 

131, an encryption program 132, and secured soft- 
ware 133 after it is generated. The original software 50 
131 is the software the developer wishes to register 

and protect. The encryption program 132 is the pro- 
gram which interacts and communicates with the 
software validation system 100 during software reg- 
istration and generation of the secured software 1 33. 55 
The secured software 133 contains an encrypted ver- 
sion of the original software 131 along with user vali- 
dation software. This user validation software is pro- 



gram code that will interact and communicate with the 
software validation system 100 during software vali- 
dation. These functions are described below in con- 
junction with Figs. 2-5. 

The software validation system 100 and the soft- 
ware developer system 120 communicate with each 
other over a communications network 160 through 
the modems 104 and 122. In one embodiment, the 
communications network 160 is a public telephone 
line. 

The user system 140 comprises a central proc- 
essing unit 144, a modem 142, and a memory unit 
150. The central processing unit is connected to the 
modem 142 and the memory unit 150. The memory 
unit 1 50 contains a copy of the secured software 151, 
which comprises both the encrypted original software 
and the user validation software as discussed above. 
This secured software 151 is a copy of the secured 
software 133 which was generated by the software 
developer system 120. 

The validation system 100 and the user system 
1 40 communicate with each other over a communica- 
tions network 170 through the modems 104 and 140. 
In one embodiment, this communications network 
1 70 is a public telephone line, and the communication 
is initiated by the user system 140 dialing a telephone 
number which results in a per call service fee (e.g. a 
fee set for dialing a "900" number). This call would en- 
sure that the user pays for each use of the software. 

The generation of the secured software 133 and 
the registration of the software with the software va- 
lidation system is described with reference to Fig. 2. 
The broken line 202 represents the separation be- 
tween the software developer system 120 and the 
software validation system 100. Figure elements 
shown above line 202 represent functions which are 
performed by the software validation system 100 by 
execution of the software registration code 111, and 
figure elements shown below line 202 represent func- 
tions which are performed by the software developer 
system 120 by execution of the encryption program 
132. Data which is sent between the two systems 
must be transmitted across the communications net- 
work 1 60. The transmission of data over the commu- 
nications network 160 is represented in Fig. 2 by lines 
crossing dividing line 202. 

The first step 21 0 is for the software developer to 
collect software identification information. This infor- 
mation consists of the name of the software, the 
name of the software developer, the address of the 
software developer, and any other information which 
may be desired. This information is transmitted 
across the network 160 to the software validation 
system 100. In step 204 the software validation sys- 
tem 1 00 will store the software identification informa- 
tion in memory 113 and will select the next ID number 
for the software. This ID number is any uniqu iden- 
tifier for the software. The validation system 1 00 then 
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generates a random public/private key pair and gen- 
erates a random DES key in step 206. 

The generated random private key and the gen- 
erated random DES key are stored in the software 
registration system memory 113 along with the soft- 
ware ID number in step 208. Returning now to the 
software developer system 1 20, the original software 
220 is converted into a packed file in step 218. The 
method used to pack the original software may be any 
suitable data compression technique, such as Huff- 
man encoding, which is well known in the art This 
compression removes most of the redundancy in the 
software, making code breaking difficult, and reduc- 
es the size of the secured software. The file header 
from this packed file is then encrypted in step 212 us- 
ing the DES key generated by the software validation 
system. Only the file header is encrypted since the 
packed file cannot be unpacked without the file head- 
er. Thus, sufficient protection is ensured by encrypt- 
ing only the file header. The packed file body and the 
DES encrypted header which were generated by the 
software developer system 120, and the public key 
and the software ID which were generated by the 
software validation system 100, are then used to 
build the secured software in step 214. The secured 
sof tware 2 1 6 may then be distributed to users for use 
in accordance with the invention. In order for a user 
to use the secured software, it must be converted into 
an executable module in accordance with the present 
invention. 

A first embodiment of a pay per use validation 
technique is described in conjunction with Fig. 3. The 
broken line 302 represents a separation between the 
software validation system 100 and the user system 
1 40. Figure elements shown above line 302 represent 
functions performed by the software validation sys- 
tem 100 by execution of the software validation code 
112, and figure elements shown below line 302 rep- 
resent functions performed by the user system 140 
by execution of the user validation software portion 
of the secured software 151. Any data which is 
passed between the pay per use validation system 
100 and the user system 140 is represented by lines 
crossing dividing line 302 and must be transmitted 
over the communications network 170. Data is most 
vulnerable to unauthorized access by an unautho- 
rized user when it is transmitted over the communi- 
cations network 170. 

The first step 316 is to transmit the software ID 
number to the validation system 100. This is the 
unique ID number which was assigned to the soft- 
ware during the generation of the secured software 
(described in conjunction with Fig 2). In step 308 the 
validation system 1 00 will use this ID number to credit 
the software develop r's account for th use of the 
software. As discussed above, in one embodiment of 
the invention, a user must call a per call service fee 
telephone number in order to initiate communication 



over the communications network 170. Thus, the ID 
number allows the validation system 100 to credit the 
account of the developer of the software which is be- 
ing validated. This ID number is also used to look up 

5 the private key in step 304 and the DES key in step 
306, both of which were generated and stored in the 
validation system memory 113 during the software 
registration and generation of the secured software. 
The user system generates a random number 

10 (R1) in step 320 and encrypts that random number 
with the public key in step 318. The random number 
is encrypted so that when it is transmitted to the va- 
lidation system 100 over the communications net- 
work 170, a person attempting to circumvent the pro- 

15 tection scheme could not intercept the random num- 
ber. The validation system 1 00 will use the private key 
obtained in step 304 to decrypt the random number 
generated by the secured software in step 310. The 
decrypted random number (R1) is then exclusive 

20 ORed with the DES key in step 312. This results in a 
DES key masked by the random number generated 
by the user system. This masked DES key is then en- 
crypted with the private key in step 314 and transmit- 
ted to the user system 140 over the communications 

25 network 1 70. The user system will then use the public 
key to decrypt the masked DES key in step 322. The 
result is the DES key masked by the random number 
(R1). This masked DES key is then unmasked by ex- 
clusive ORing it with the random number (R1 ) in step 

30 324. The result is an unmasked, unencrypted DES 
key. This is the same DES key which was used to en- 
crypt the original software. The DES key is then used 
to decrypt the encrypted file header in step 326. The 
result is an unencrypted file header which is then 

35 used to unpack the packed file body in step 328. The 
result is a software executable file which may then be 
executed 330 on the user system. 

As discussed above, the weakest points in this 
validation process are where data is transmitted 

40 across the communications network 1 70 because it is 
at these points that an unauthorized user could most 
easily attempt to intercept and record the data that is 
being transmitted. One way to circumvent the se- 
cured software protection would be to alter the ran- 

45 dom number generation portion of the user validation 
code in the secured software 151 so that the same 
random number is always generated. Then the user 
calls the telephone number once, giving the fixed ran- 
dom number and records what comes back. Since the 

50 program has been altered to always generate this 
same random number, the information that was re- 
corded is provided to the secured software upon each 
subsequent execution. One scheme to prevent such 
unauthorized use is described below in conjunction 

55 with a second embodiment of a pay per use validation 
technique. 

This second embodiment is described in conjunc- 
tion with Fig. 4. In this embodiment, a second random 



4 



7 



EP 0 653 695 A2 



8 



number is generated in the validation system 100. 
This random number is concatenated with the random 
number from the user system 1 40, and the combined 
random number is used to mask and unmask the DES 
key. This will be clear from the following description 5 
of this embodiment in conjunction with Fig. 4. This 
second embodiment is similar to the first embodiment 
shown in Fig. 3. Thus, only the differences between 
the two embodiments will be discussed here. Like 
numbered elements in Figs. 3 and 4 perform like 10 
functions. 

In the second embodiment, both the validation 
system 100 and the user system 140 generate ran- 
dom numbers at steps 320 and 332. In step 334 the 
validation system 1 00 concatenates the random num- is 
ber (R1) it generated and the random number (R2) 
generated by user system. The resulting random 
number (R1 R2) is then exclusive ORed with the DES 
key in step 312 to produce a masked DES key as dis- 
cussed in conjunction with Fig. 3. The user system 20 
140, like the validation system 100, concatenates the 
random numbers R1 and R2 in step 336. The resulting 
random number (R1R2) 'is then used to unmask the 
DES key in step 324 as discussed above in conjunc- 
tion with Fig. 3. The remainder of the functions of em- 25 
bodiment two are the same as described in conjunc- 
tion with embodiment one and Fig. 3. 

This second embodiment as shown in Fig. 4 adds 
extra protection to the first embodiment discussed in 
conjunction with Fig. 3. Since the validation system 30 
100 also generates a random number and then con- 
catenates that random number with the random num- 
ber generated by the user system 140, the masking 
of the DES key depends upon both generated random 
numbers. Thus, even if a user could fix the random 35 
numbered generated by the secured software to be 
the same each time, the random number generated 
by the validation scheme would be different and 
therefore, the user could not correctly unmask the 
DES key. 40 

A third embodiment of a validation technique ac- 
cording to the present invention is discussed in con- 
junction with Fig. 5. This embodiment adds several 
features to the embodiments shown in Figs. 3 and 4. 
The random number (R1) generated in the validation 45 
system 100 is encrypted before being transmitted to 
the user system 140. Also, the random number (R2) 
generated by the user system 140 is not itself trans- 
mitted to the validation system 100. These details will 
become clear from the following discussion of Fig. 5. 50 
The elements of the embodiment shown in Fig. 5 
which are the same as those air ady discussed in 
conjunction with Figs. 3 and 4 will not be discussed 
in detail here. Only the additional steps of the embodi- 
ment shown in Fig. 5 will be described below. Ele- 55 
ments in Fig. 5 with like numbers to elements in Figs. 
3 and 4 perform like functions. 

Referring now to Fig. 5, the random number (R1) 



generated by the validation system in step 332 is en- 
crypted with the private key in step 340 before being 
transmitted to the user system. The encrypted ran- 
dom number is decrypted by the user system in step 
346 and is then concatenated in step 336 with the ran- 
dom number (R2) generated by the user system in 
step 320. The resulting concatenated random number 
(R1R2) is then encrypted with the public key in step 
318 and transmitted to the validation system. The en- 
crypted random number is then decrypted by the va- 
lidation system in step 310. The validation system, in 
step 342, then checks to determine whether the ran- 
dom number it generated in step 332 (R1) is the same 
as the R1 portion of the random number returned by 
the secured software. If R1 has been modified, it in- 
dicates that the random number has been manipulat- 
ed in some way by the user in an attempt to defeat the 
protection, and the process is halted. Otherwise, the 
validation system uses the concatenated random 
number to mask the DES key in step 31 2. The system 
then continues in a manner similar to that explained 
above in connection with the embodiments of Figs. 3 
and 4. 

In the embodiment of Fig. 5, the random number 
(R1) is encrypted before being transmitted from the 
validation system to the user system. Similarly, the 
concatenated random number R1R2 is encrypted be- 
fore being transmitted from the user system to the va- 
lidation system. Note that the random number (R2) 
generated by the user system is never itself transmit- 
ted to the validation system. These techniques make 
it more difficult for an unauthorized user to defeat the 
protection scheme by altering the random number 
generated by the user system 140. 

There are other possible techniques for the pre- 
vention of piracy by altering the random number gen- 
eration. One technique is to not generate or keep a di- 
rect, complete copy of the random number in the user 
system. This approach will make it difficult for a user 
to determine exactly what the current random number 
is by directly examining memory. For example, the 
random number could be provided by adding or exclu- 
sive ORing several bytes in memory. The random 
number is then generated in the user's system only 
when needed and only one byte (or word) at a time ex- 
ists in a readable form in the system. Another techni- 
que to prevent the altering of the random number gen- 
eration is to do a cyclical redundancy check of the se- 
cured program code to make sure it has not been 
modified to provide a fixed random number. Another 
technique is to include as part of the random number 
some easily verified information, such as the approx- 
imate time. Then, when the secured software code 
uses the random number, it can determine if the time 
information is correct. If not, the random number may 
have been altered and the system could abort. These 
techniques for preventing piracy through the random 
number generation are given as examples only and 
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are not exhaustive. One skilled in the art could imple- 
ment these, and other techniques in order to prevent 
piracy through manipulation of the random numbers 
generated by the user system 140 and the software 
validation system 100. 5 

Another possible way to attempt to circumvent 
the software protection could be to examine memory 
of the user system after the DES key is received and 
decoded. This approach might reveal the DES key 
and could render the security features of the system 10 
ineffective. There are several techniques which would 
prevent this piracy. One technique is to split the pro- 
gram code into several segments each with a sepa- 
rate DES key. The above described decryption tech- 
niques could be repeated several times to prevent 15 
having all necessary DES keys in memory simultane- 
ously. Another technique would be to store segments 
of the DES key in several places in memory so as to 
make finding the entire DES key more difficult. An- 
other technique makes use of the fact that storing 20 
segments of the DES key in indirect form in memory 
will make determining the key difficult. For example, 
by exclusive ORing sections of the key with other ran- 
dom sections of memory when needed, would pre- 
vent an exact copy of any part of the DES key from 25 
ever existing in memory. Examination of several loca- 
tions in memory would be necessary to determine 
each byte of the DES key. One skilled in the art could 
implement these and other techniques to prevent pir- 
acy by examining memory to determine the DES key. 30 

Another possible piracy technique could be to ex- 
amine and copy the memory of the user system after 
the secured software has been decoded. At this point, 
the original software exits in an executable format in 
the user system. There are several possible techni- 35 
ques to prevent this type of piracy. For example, an 
interrupt routine based on a timer interrupt could be 
added to the secured software. This routine would ex- 
amine the program counter in the user system central 
processing unit and would eliminate or overwrite the 40 
program from memory once the program counter in- 
formation indicates that the program is no longer run- 
ning. Another technique is to arbitrarily complement 
sectors on the disk where the program is stored to in- 
dicate that the program is running and to complement 45 
those sectors again when the program is finished in 
order to restore those sectors. This would make a 
copy of the program from memory that does not go 
through the normal startup/finish sequence damag- 
ing to the information on the disk. The program state 50 
could not be captured at an arbitrary point, saved to 
disk, and later restored for further xecutions. The 
disadvantage is that power outages, resets, or other 
abnormal terminations would leav the disk in the al- 
tered state. Another technique would be to encode the 55 
syst m time into the program's memory image, and 
check it with the current system time on a frequent ba- 
sis. The program could be eliminated if the system 
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time has large discontinuities that indicate the pro- 
gram may have been saved and restored for later exe- 
cution. Yet another technique would be to encode 
sensitive information about the user into the pro- 
gram's memory image. This could be a credit card 
number or the user's phone number. This would not 
only discourage giving away copies of executable 
memory images illegally saved, but would also allow 
traceback to the source of the de-secured or altered 
software. One skilled in the art could implement 
these and other techniques to prevent piracy by copy- 
ing an executable copy of the program from memory. 

In addition to the above, various other security 
enhancements are possible. For example, a develop- 
er's toolkit could provide methods of charging other 
than on a per use basis. This might include charging 
by the number of files created, by the hour or day, etc. 
Also, it might be possible to allow single calls to more 
expensive telephone numbers to authorize multiple 
uses. For example, if each use cost $0.75 on a per 
use basis, a call to another number might cost $5.00 
and authorize 10 uses, while another number might 
cost $50.00 and authorize 500 uses, giving the user 
a substantial volume discount. These "developer's 
toolkit" derived versions of the secured software 
would have to be able to save themselves on disk in 
a semi-secured form with a software counter that 
keeps track of the number of executions/operations 
left. It would also be considerably easier to make un- 
authorized copies and illegally distribute copies with 
the "counters" set to high values. Embedding the 
user's verified credit card number and phone number 
would probably prevent most people from distributing 
illegal copies. Another way to trace illegal copies of 
semi-secured discount volume usage software would 
be to randomly, for example once every 5-10 exe- 
cutions, erase a byte of the program's image from 
memory and disk, and then require the user to call a 
telephone number. The user would then provide the 
number displayed on the screen, for example the pro- 
gram ID and the erased address, and the telephone 
response system would give back what was missing. 
In this way a record of telephone numbers is gener- 
ated of users with semi-secured volume usage soft- 
ware. If a comparison of this number list generated 
large call volumes from numbers that were not on the 
per call service fee number list, then those numbers 
may have illegal copies of unsecured software. With 
a developer's toolkit, random combinations of secur- 
ity methods might be applied to a particular piece of 
software so that the methods for securing different 
pieces of software are different. Developing a meth- 
od to break one software package would not be ap- 
plicable to later versions of the same or different soft- 
ware packages. These and other security techniques 
to prevent the unauthorized decryption of the secured 
software could be readily implemented by those skil- 
led in the art. 
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ware identification to the software validation sys- 
tem over said communications network, 

means for receiving said chosen decryp- 
tion key capable of decrypting said identified se- 
cured software from said software validation 
system over said communications network, and 

means for decrypting said secured soft- 
ware using said chosen decryption key. 

2. A software validation system comprising: 

means for storing at least one decryption 

key; 

means for receiving from a communica- 
tions network an identification of encrypted soft- 
ware; 

means for recording the receipt of said 
identification; and 

means for transmitting to the communica- 
tions network a decryption key chosen from said 
at least one stored decryption key, wherein said 
chosen decryption key is capable of decrypting 
said identified encrypted software, and 

wherein a fee is charged for the establish- 
ment of comnunication over the communications 
network. 



In each of the embodiments described above, 
there are several possible variations for the transmis- 
sion of data between the validation system 100 and 
the user system 140. In the simplest, a user may call 
a telephone number and speak to a person who has 5 
access to the validation system. The two human op- 
erators could communicate the information orally. 
The software user would then provide the required in- 
formation to the user system. Another variation would 
be for the user to call a telephone number which con- 1 o 
nects the user to an automated response system con- 
nected to the validation system. In this case, the user 
could use a telephone keypad to pass information to 
the validation system, and the validation system 
could pass information back to the user by voice syn- 1 5 
thesis or recording. A further variation would be to 
transmitdata between the systems via modem. In this 
way. the user system would communicate directly 
with the validation system via electronic communica- 
tions. Thus, the validation of the secured software 20 
would be almost transparent to the user. 

It is to be understood that the embodiments and 
variations shown and described herein are illustrative 
of the principles of this invention only and that various 
modifications may be implemented by those skilled in 25 
the art without departing from the scope and spirit of 
the invention. 



Claims 

1. A system for the validation and use of secured 
computer software comprising: 

a software validation system; 

a software user system comprising se- 
cured software; 

a communications network connected to 
the software validation system and the software 
user system for the transmission of data between 
the systems; 

said software validation system compris- 
ing: 

means for storing at least one decryption 

key. 

means for receiving from said user system 
over said communications network an identifica- 
tion of said secured software, 

means for recording the receipt of said 
identification of secured software, and 

means for transmitting to said user system 
over said communications network a decryption 
key chosen from said at least one stored decryp- 
tion key, wherein said chosen decryption key is 
capable of decrypting said identified secured 
software; 

said software user system further com- 
prising: 

means for transmitting said secur d soft- 



3. The software validation system of claim 2 further 
comprising: 

means for masking said decryption key 
30 with a random number prior to transmitting it to 

the communications network. 

4. The software validation system of claim 3 further 
comprising means for receiving said random 

35 number from the communications network. 

5. The software validation system of claim 2 further 
comprising: 

means for generating a first random num- 

40 ber; 

means for receiving a second random 
number from the communications network; 

means for producing a third random num- 
ber by concatenating said first random number 
45 and said second random number; and 

means for masking said decryption key 
with said third random number prior to transmit- 
ting it to the communications network. 

so 6. The software validation system of claims 3 or 5 
further comprising means for encrypting said 
masked decryption key prior to transmitting it to 
the communications network 

55 7. The software validation system of claim 6 where- 
in said means for encrypting is by use of a public 
key encryption algorithm. 
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8. The software validation system of claim 2 further 
comprising: 

means for generating a first random num- 
ber; 

means for encrypting said first random 
number; 

means for transmitting said encrypted 
first random number to the communications net- 
work; 

means for receiving an encrypted second 
random number from the communications net- 
work, wherein said eecond random number com- 
prises a first section and a second section; 

means for decrypting said second random 
number; and 

means for masking said decryption key 
with said second random number prior to trans- 
mitting it to the communications network. 
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masked and encrypted prior to receipt, the sys- 
tem further comprising: 

means for decrypting said encrypted 
masked decryption key; 

means for generating a random number; 

means for transmitting said random num- 
ber to the communications network; and 

means for unmasking said encrypted 
masked decryption key with said random num- 
ber. 



13. The software user computer system of claim 10 
further comprising means for preventing the un- 
authorized decryption of said encrypted comput- 
15 er program code if communication over the com- 

munications network has not been initiated by a 
telephone call which results in a per call aervice 
fee. 



9. The software validation system of claim 8 further 20 
comprising: 

means for determining whether said first 
or second section of said second random number 
is equal to said first random number; and 

means for masking said decryption key 25 
with said second random number prior to trans- 
mitting only if said first or second section of said 
second random number is equal to said first ran- 
dom number. 

30 

10. A software user computer system for the execu- 
tion of secured software, the system comprising: 

encrypted computer program code; 

means for transmitting an identification of 
the encrypted computer program code to a com- 35 
munications network; 

means for receiving a decryption key from 
the communications network, said decryption 
key capable of decrypting said encrypted com- 
puter program code; and 40 

means for decrypting said encrypted com- 
puter program code with said decryption key; 

wherein a fee is charged for the initiation 
of the communication over the communications 
network. 45 

11. The software user computer system of claim 10 
wherein said received decryption key has been 
masked prior to receipt, the system further com- 
prising: 50 

means for generating a random number; 

means for transmitting said random num- 
ber to the communications network; and 

means for unmasking said masked de- 
cryption key with said random number. 55 

12. The software user computer system of claim 10 
wher in said received decryption key has been 



14. A software user computer system for the execu- 
tion of secured software, the system comprising: 

encrypted computer program code; 

means for transmitting a software identi- 
fication identifying the encrypted computer pro- 
gram code to a communications network; 

means for generating a first random num- 
ber; 

means for receiving a second random 
number, 

means for combining said first and second 
random number to produce a third random num- 
ber; 

means for receiving a masked decryption 
key capable of decrypting said encrypted com- 
puter program code; 

means for unmasking said masked de- 
cryption key with said third random number; and 

means fordecryptiny said encrypted com- 
puter program code with said decryption key, 

wherein a fee is charged for the initiation 
of the communication over the communications 
network. 

1 5. The system of claims 1 , 2, 1 0 or 1 4 wherein com- 
munication over the communications network is 
initiated by a telephone call which results in a per 
call service fee. 

16. The software user computer system of claim 14 
wherein said masked decryption key is encrypted 
prior to receipt said system further comprising 
means for decrypting said encrypted masked key 
prior to unmasking said key. 

17. The software user computer system of claim 14 
wherein said second random number is encrypt- 
ed prior to receipt and said masked decryption 
key is encrypted prior to receipt, said system fur- 



15 



EP 0 653 695 A2 



16 



ther comprising: 

means for decrypting said encrypted 
masked key prior to unmasking said key; and 

means for decrypting said encrypted sec- 
ond random number prior to combining said first 5 
random number and second random number. 

18. A computer system for the registration of soft- 
ware and the generation of secured software 
comprising: 10 

means for transmitting software identifi- 
cation information to a communications network; 

means for receiving at least one key and a 
unique software identification from the commu- 
nications network; and 15 

means for encrypting an executable soft- 
ware file using said at least one key to create a 
secured software module, 

wherein said executable software file is 
capable of being executed by a user only after re- 20 
ceipt of said at least one key. 

19. The computer system of claim 18 wherein said 
secured software module comprises the encrypt- 
ed executable software file and computer pro- 25 
gram code, said computer program code com- 
prising said means for decrypting the executable 
software file using said at least one key, and 

wherein said at least one key is received 
by a user only after said user places a telephone 30 
call which results in a per call service fee. 

20. A software validation system for the registration 
of protected software, the system comprising: 

means for receiving software identifica- 35 
tion information from a communications network; 

means for generating a unique software 
identification code for said received software 
identification; 

means for generating at least one crypto- 40 
graphic key; 

means for transmitting said unique soft- 
ware identification code and at least one crypto- 
graphic key to the communications network; and 

means for storing said unique software 45 
identification and at least one cryptographic key, 

wherein said at least one cryptographic 
key will be used to generate a secured software 
module, said secured software module being 
executable by a user computer system only after so 
receipt of said at least one cryptographic key over 
a communications network, wherein said receipt 
of said at least one cryptographic key is initiated 
by a tel phone call which will result in a per call 
service fee. 55 

21. A method for the validation.and use of encrypted 
secured software comprising the steps of: 



a user of secured software initiating a tel- 
ephone call which will result in a per call service 
fee, said telephone call establishing communica- 
tion over a communications network between 
said user and a software validation system; 

said user of secured software transmitting 
secured software identification to the software 
validation system over the communications net- 
work; 

said software validation system transmit- 
ting to said user over the communications net- 
work a decryption key capable of decrypting said 
secured software; and 

decrypting said secured software with 
said decryption key. 

22. The method of claim 21 further comprising the 
steps of: 

generating a random number in the user 
computer system; 

transmitting said random number to the software 
validation system; 

masking said decryption key with a ran- 
dom number in said software validation system 
prior to transmitting the decryption key to the 
user; and 

unmasking said decryption key with said 
random number in the user's computer system. 

23. A method for validating secured computer soft- 
ware comprising the steps of: 

storing at least one decryption key; 
receiving from a communications network 
an identification of encrypted software; 

recording the receipt of said identification; 

and 

transmitting to the communications net- 
work a decryption key chosen from said at least 
one stored decryption key, wherein said chosen 
decryption key is capable of decrypting said iden- 
tified encrypted software, 

wherein a fee is charged for the establish- 
ment of communication over the communications 
network. 

24. The method of claim 23 wherein said establish- 
ment of communication over the communications 
network is established by placing a telephone call 
which results in per call service fee. 

25. The method of claim 23 further comprising the 
step of masking said decryption key with a ran- 
dom number prior to transmitting it to the commu- 
nications network. 

26. The method of claim 25 further comprising the 
step of receiving said random number from the 
communications network. 
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27. The method of claim 23 further comprising the 
steps of: 

generating a first random number; 

receiving a second random number from 
the communications network; 

producing a third random number by con- 
catenating said first random number and said 
second random number; and 

masking said decryption key with said 
third random number prior to transmitting it to the 
communications network. 

28. The method of claims 25 or 27 further comprising 
the step of encrypting said masked decryption 
key prior to transmitting it to the communication 
network. 

29. The method of claim 28 wherein said step of en- 
crypting is by use of a public key encryption al- 
gorithm. 



33. The method of claim 32 wherein said received de- 
cryption key has been masked prior to receipt, 
the method further comprising the steps of: 
generating a random number; 
5 transmitting said random number to the 

communications network; and 

unmasking said masked decryption key 
with said random number. 

10 34. The method of claim 32 wherein said received de- 
cryption key has been masked and encrypted pri- 
or to receipt, the method further comprising the 
steps of: 

decrypting said encrypted masked de- 
15 cryption key; 

generating a random number; 

transmitting said random number to the 
communications network; and 

unmasking said encrypted masked de- 
20 cryption key with said random number. 



30. The method of claim 23 further comprising the 
steps of: 

generating a first random number; 

encrypting said first random number; 

transmitting said encrypted first random 
number to the communications network; 

receiving an encrypted second random 
number from the communications network, 
wherein said second random number comprises 
a first section and a second section; 

decrypting said second random number; 

and 

masking said decryption key with said 
second random number prior to transmitting it to 
the communications network. 

31. The method of claim 30 further comprising the 
steps of: 

determining whether said first or second 
section of said second random number is equal to 
said first random number; and 

masking said decryption key with said 
second random number prior to transmitting only 
if said first or second section of said second ran- 
dom number is equal to said first random number. 



35. The method of claim 32 further comprising the 
step of: 

preventing the unauthorized decryption of 
25 said encrypted computer program code if com- 

munication over the communications network 
has not been initiated by a telephone call result- 
ing in a per call service fee. 

30 36. A method for the execution of encrypted secured 
software comprising the steps of: 

initiating communication over a communi- 
cations network which results in a service fee; 
transmitting a software identification 
35 identifying the secured software to the commu- 

nications network; 

generating a first random number; 
receiving a second random number; 
combining said first and second random 
40 number to produce a third random number; 

receiving a masked decryption key capa- 
ble of decrypting said secured software; 

unmasking said masked decryption key 
with said third random number, 
45 decrypting said secured software with 

said decryption key. 



32. A method for the execution of encrypted secured 
software comprising the steps of: 

initiating communication over a communi- so 
cations network which results in a service fee; 

transmitting an identification of the se- 
cured software to the communications network; 

r ceiving a decryption key from the com- 
munications network, said decryption key capa- 55 
ble of decrypting said secured software; and 

decrypting said secured software with 
said decryption key. 



37. The method of claims 32 or 36 wherein said step 
of initiating communication over a communica- 
tions network comprises the step of placing a tel- 
ephone call resulting in a per call service fee. 

38. The method of claim 36 wherein said masked de- 
cryption key is encrypted prior to receipt, said 
method further comprising the step of decrypting 
said encrypted masked key prior to unmasking 
said key. 



10 



19 



EP 0 653 695 A2 



20 



39. The method of claim 36 wherein said second ran- 
dom number is encrypted prior to receipt and said 
masked decryption key is encrypted prior to re- 
ceipt, said method further comprising the steps 

of: 5 

decrypting said encrypted masked key pri- 
or to unmasking said key; and 

decrypting said encrypted second random 
number prior to combining said first random num- 
ber and second random number. 10 

40. A method for the registration of software and the 
generation of secured software comprising the 
steps: 

transmitting software identification infor- 15 
mation to a communications network; 

receiving at least one key and a unique 
software identification from the communications 
network; and 

encrypting an executable software file us- 20 
ing said at least one key to create a secured soft- 
ware module, 

wherein said executable software file is 
capable of being executed by a user only after re- 
ceipt of said at least one key. 25 

41. The method of claim 40 wherein said at least one 
key is received by a user only after said user ini- 
tiates a telephone call to a telephone number 
which results in a per call service fee. 30 

42. A software validation method for the registration 
of protected software comprising the steps: 

receiving software identification informa- 
tion from a communications network; 35 

generating a unique software identifica- 
tion code for said received software identifica- 
tion; 

generating at least one cryptographic key; 

transmitting said unique software identif i- 40 
cation code and at least one cryptographic key to 
the communications network; and 

storing said unique software identification 
and at least one cryptographic key, 

wherein said at least one cryptographic 45 
key will be used to generate a secured software 
module, said secured software module being 
executable by a user computer system only after 
receipt of said at least one cryptographic key over 
a communications network, wherein said receipt so 
of said at least one cryptographic key is initiated 
by a telephone call which will result in a per call 
service fee. 
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